See Recorded Future’s Threat Intelligence Solutions in Action

See our Threat Intelligence Solutions in Action

Reduce risk and mitigate cyber attacks, no matter your IT & security stack, maturity journey, or industry

Book a free demo

View Solutions to Reduce Risk

See Recorded Future’s Intelligence in Action

Reduce operational risk through timely, precise, and actionable intelligence.

Book a free demo

Intelligence Cloud Overview

View Services & Support Overview

View Research Overview

CVE-1999-1226

CVSS 2.0 Score 2.6 of 10 (low)

Details

Published Oct 28, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1226 is a vulnerability affecting Netscape Communicator 4.7 and earlier versions. An attacker can exploit this issue by sending a specially crafted certificate key, which is excessively long. This results in a denial-of-service condition, potentially allowing the attacker to execute arbitrary commands on the vulnerable system. The vulnerability occurs due to the Netscape software's failure to validate the length of the certificate key, making it susceptible to manipulation. This issue poses a significant security risk, as it can lead to both denial-of-service attacks and arbitrary code execution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Netscape Communicator

Affected Vendors

Netscape

Advisories, Assessments, and Mitigations

Back to Vulnerability Database